professor-messer-sy0-701-comptia-security-plus-course-notes-v106

The CIA Triad consists of __________, __________, and __________.

Confidentiality, Integrity, and Availability

Non-repudiation refers to the ability to provide __________ for actions performed.

Proof of integrity and authenticity to ensure a party cannot deny their actions.

The principle of least privilege aims to give users only the access necessary to __________ their job functions.

Perform.

In vulnerability scanning, a __________ scan tests internal and external systems for open ports.

Port.

A Distributed Denial of Service (DDoS) attack aims to make a service unavailable by __________ it with excessive traffic.

Overloading.

The process of ensuring a system operates normally after an incident is called __________.

Recovery.

In risk management, an unacceptable level of risk that must be avoided or mitigated is referred to as __________ risk.

Unacceptable.

A security policy that allows or disallows access based on group membership is known as __________ access control.

Role-based.

The acronym UTM stands for __________.

Unified Threat Management.

A strong password policy often encourages the use of __________, __________, and __________ characters.

Uppercase letters, lowercase letters, and special.

Multi-factor authentication includes something you know, something you have, and something __________.

You are.

Zero trust security requires that ___________ is verified before granting access, no matter where the request originates from.

Everything.

Malware designed to replicate and spread without user intervention is classified as a __________.

Worm.

The process of disguising information to make it difficult to understand is known as __________.

Obfuscation.

The framework used to guide the identification and analysis of security incidents is referred to as __________.

NIST SP800-61.

The confidential email security standard to ensure secure submittal of emails is __________.

DMARC.

When it comes to data retention, organizations often must comply with specific __________ requirements depending on their industry.

Legal.

A Directed attack usually targets a specific __________ or __________ rather than a random group.

Organization; individual.